
CWShredder znalazł CWS.Msconfig.
W Windows Worms Doors Cleaner wyświetla się coś takiego

ComboFix
ComboFix 07-08-17.2 - "Kobyka" 2008-12-01 13:53:29.20 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.3.1250.1.1045.18.846 [GMT 1:00]
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
C:\WINDOWS\system32\tmp34.tmp
((((((((((((((((((((((((( Files Created from 2008-11-01 to 2008-12-01 )))))))))))))))))))))))))))))))
2008-11-30 12:18 446,464 --a------ C:\WINDOWS\system32\HHActiveX.dll
2008-11-30 12:18 <DIR> d-------- C:\Program Files\StatSoft
2008-11-29 20:18 <DIR> d-------- C:\Program Files\DIFX
2008-11-29 20:17 8,704 --a------ C:\WINDOWS\system32\drivers\nmwcdc.sys
2008-11-29 20:17 4,608 --a------ C:\WINDOWS\system32\nmwcdlog.dll
2008-11-29 20:17 30,720 --a------ C:\WINDOWS\system32\nmwcdcocls.dll
2008-11-29 20:17 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcm.sys
2008-11-29 20:17 13,312 --a------ C:\WINDOWS\system32\drivers\nmwcdcj.sys
2008-11-29 20:17 127,488 --a------ C:\WINDOWS\system32\drivers\nmwcd.sys
2008-11-29 20:17 <DIR> d-------- C:\Program Files\Common Files\Nokia
2008-11-29 20:16 50,688 --a------ C:\WINDOWS\system32\nmwcdcls.dll
2008-11-29 20:16 <DIR> d-------- C:\Program Files\Nokia
2008-11-29 20:16 <DIR> d-------- C:\Program Files\Common Files\PCSuite
2008-11-29 15:28 <DIR> d-------- C:\Program Files\NewBlue
2008-11-29 15:28 <DIR> d-------- C:\Program Files\Common Files\eSellerate
2008-11-29 12:12 <DIR> d-------- C:\Program Files\Google
2008-11-29 10:23 81,920 --a------ C:\WINDOWS\system32\dpl100.dll
2008-11-29 10:23 755,027 --a------ C:\WINDOWS\system32\xvidcore.dll
2008-11-29 10:23 684,032 --a------ C:\WINDOWS\system32\divx.dll
2008-11-29 10:23 57,344 --a------ C:\WINDOWS\system32\ff_vfw.dll
2008-11-29 10:23 3,596,288 --a------ C:\WINDOWS\system32\qt-dx331.dll
2008-11-29 10:23 217,088 --a------ C:\WINDOWS\system32\yv12vfw.dll
2008-11-29 10:23 159,839 --a------ C:\WINDOWS\system32\xvidvfw.dll
2008-11-25 20:12 <DIR> d-------- C:\Program Files\pspvc
2008-11-25 20:12 <DIR> d-------- C:\Program Files\AviSynth 2.5
2008-11-20 21:44 42,320 --a------ C:\WINDOWS\system32\xfcodec.dll
2008-11-16 22:55 23,552 --a------ C:\WINDOWS\system32\MSMPIDE.DLL
2008-11-16 22:55 116,224 --a------ C:\WINDOWS\system32\pdfcmnnt.dll
2008-11-16 22:55 <DIR> d-------- C:\Program Files\PDFCreator
2008-11-12 10:37 4,682 -ra------ C:\WINDOWS\system32\npptNT2.sys
2008-11-10 15:33 <DIR> d-------- C:\Program Files\Hewlett-Packard
2008-11-10 15:33 <DIR> d-------- C:\Program Files\Common Files\HP
2008-11-10 15:32 <DIR> d-------- C:\Program Files\Common Files\Hewlett-Packard
2008-11-10 15:31 <DIR> d-------- C:\Program Files\HP
2008-11-10 15:26 49,920 -ra------ C:\WINDOWS\system32\drivers\HPZid412.sys
2008-11-10 15:26 2,000 --------- C:\WINDOWS\hpomdl14.dat
2008-11-10 15:26 16,496 -ra------ C:\WINDOWS\system32\drivers\HPZipr12.sys
2008-11-10 15:26 155,227 --a------ C:\WINDOWS\hpoins14.dat
2008-11-10 15:25 675,840 -ra------ C:\WINDOWS\system32\hpowiax3.dll
2008-11-10 15:25 569,344 -ra------ C:\WINDOWS\system32\hpotscl3.dll
2008-11-10 15:25 364,544 -ra------ C:\WINDOWS\system32\hppldcoi.dll
2008-11-10 15:25 309,760 -ra------ C:\WINDOWS\system32\difxapi.dll
2008-11-10 15:25 303,104 -ra------ C:\WINDOWS\system32\hpovst10.dll
2008-11-10 15:25 267,864 -ra------ C:\WINDOWS\system32\hpzids01.dll
2008-11-10 15:25 21,568 -ra------ C:\WINDOWS\system32\drivers\HPZius12.sys
2008-11-10 15:25 117,760 --a------ C:\WINDOWS\system32\hpzll5ha.dll
2008-11-03 16:10 <DIR> d-------- C:\WINDOWS\system32\xlive
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
2008-12-01 13:55 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\Azureus
2008-12-01 13:49 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\SiteAdvisor
2008-12-01 13:07 --------- d-------- C:\Program Files\Mozilla Firefox 3 Beta 3
2008-12-01 12:35 110592 --a------ C:\WINDOWS\system32\imm32.dll
2008-12-01 00:02 923900 --ahs---- C:\WINDOWS\system32\drivers\fidbox.idx
2008-12-01 00:02 66565664 --ahs---- C:\WINDOWS\system32\drivers\fidbox.dat
2008-12-01 00:02 3143456 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.dat
2008-12-01 00:02 309344 --ahs---- C:\WINDOWS\system32\drivers\fidbox2.idx
2008-11-30 19:14 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\SunODFPluginforMicrosoftOffice1
2008-11-30 18:44 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\gtk-2.0
2008-11-29 20:23 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\DataLayer
2008-11-29 20:18 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\PC Suite
2008-11-29 17:37 183112 --a------ C:\WINDOWS\system32\PnkBstrB.exe
2008-11-29 17:37 138184 --a------ C:\WINDOWS\system32\drivers\PnkBstrK.sys
2008-11-29 17:33 66872 --a------ C:\WINDOWS\system32\PnkBstrA.exe
2008-11-29 10:23 --------- d-------- C:\Program Files\K-Lite Codec Pack
2008-11-28 15:40 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\teamspeak2
2008-11-28 10:54 --------- d-------- C:\Program Files\CamStudio
2008-11-27 21:08 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\FileZilla
2008-11-26 23:23 --------- d-------- C:\Program Files\PowerISO
2008-11-26 22:03 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\Leadertech
2008-11-26 18:46 --------- d-------- C:\Program Files\Xfire
2008-11-24 19:09 --------- d-------- C:\Program Files\FlashGet
2008-11-21 21:40 --------- d--h----- C:\Program Files\InstallShield Installation Information
2008-11-21 15:48 --------- d-------- C:\Program Files\Azureus
2008-11-15 14:01 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\Autodesk
2008-11-03 22:56 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\Canon
2008-11-02 15:28 --------- d-------- C:\Program Files\ATI Technologies
2008-10-29 20:41 --------- d-------- C:\Program Files\Common Files\Autodesk Shared
2008-10-29 20:41 --------- d-------- C:\Program Files\AutoCAD 2008
2008-10-29 08:09 --------- d-------- C:\Program Files\Autodesk
2008-10-22 19:33 304528 --a------ C:\WINDOWS\system32\appdrvrem01.exe
2008-10-22 19:33 2915944 --a------ C:\WINDOWS\system32\drivers\appdrv01.sys
2008-10-21 19:09 --------- d-------- C:\Program Files\PMFplay H.264 Decoder
2008-10-15 20:04 --------- d-------- C:\Program Files\danny_kay1710
2008-10-10 12:51 --------- d-------- C:\Program Files\ABBYY FineReader 9.0
2008-10-10 12:48 --------- d-------- C:\Program Files\Common Files\ABBYY
2008-10-10 07:57 3331072 --a------ C:\WINDOWS\system32\drivers\ati2mtag.sys
2008-10-10 03:37 425984 --a------ C:\WINDOWS\system32\ATIDEMGX.dll
2008-10-10 03:36 311296 --a------ C:\WINDOWS\system32\ati2dvag.dll
2008-10-10 03:26 10772480 --a------ C:\WINDOWS\system32\atioglxx.dll
2008-10-10 03:25 188416 --a------ C:\WINDOWS\system32\atipdlxx.dll
2008-10-10 03:25 143360 --a------ C:\WINDOWS\system32\Oemdspif.dll
2008-10-10 03:24 43520 --a------ C:\WINDOWS\system32\ati2edxx.dll
2008-10-10 03:24 26112 --a------ C:\WINDOWS\system32\Ati2mdxx.exe
2008-10-10 03:24 143360 --a------ C:\WINDOWS\system32\ati2evxx.dll
2008-10-10 03:22 581632 --a------ C:\WINDOWS\system32\ati2evxx.exe
2008-10-10 03:21 53248 --a------ C:\WINDOWS\system32\ATIDDC.DLL
2008-10-10 03:13 307200 --a------ C:\WINDOWS\system32\atiiiexx.dll
2008-10-10 03:11 4008928 --a------ C:\WINDOWS\system32\ati3duag.dll
2008-10-10 02:55 2399744 --a------ C:\WINDOWS\system32\ativvaxx.dll
2008-10-10 02:39 48640 --a------ C:\WINDOWS\system32\amdpcom32.dll
2008-10-10 02:35 380928 --a------ C:\WINDOWS\system32\atikvmag.dll
2008-10-10 02:34 39424 --a------ C:\WINDOWS\system32\atiadlxx.dll
2008-10-10 02:34 17408 --a------ C:\WINDOWS\system32\atitvo32.dll
2008-10-10 02:33 253952 --a------ C:\WINDOWS\system32\atiok3x2.dll
2008-10-10 02:27 573440 --a------ C:\WINDOWS\system32\ati2cqag.dll
2008-10-10 02:26 53248 --a------ C:\WINDOWS\system32\drivers\ati2erec.dll
2008-10-09 21:20 593920 --------- C:\WINDOWS\system32\ati2sgag.exe
2008-10-09 16:02 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\uTorrent
2008-10-09 16:02 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\EmailNotifier
2008-10-04 07:05 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\ABBYY
2008-10-01 21:02 --------- d-------- C:\Program Files\MAXBrowse
2008-10-01 20:13 73216 --a------ C:\WINDOWS\ST6UNST.EXE
2008-10-01 20:13 286720 --------- C:\WINDOWS\Setup1.exe
2008-10-01 19:22 --------- d-------- C:\DOCUME~1\KOBYKA~1\DANEAP~1\superhudeditor
2008-08-13 12:47 22328 --a------ C:\DOCUME~1\KOBYKA~1\DANEAP~1\PnkBstrK.sys
2006-06-23 23:48 32768 -ra------ C:\WINDOWS\inf\UpdateUSB.exe
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
*Note* empty entries & legit default entries are not shown
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C}]
2008-09-07 15:47 62728 --a------ C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Omnipage"="C:\Program Files\ScanSoft\OmniPageSE\opware32.exe" [2002-06-03 11:38]
"CTStartup"="C:\Program Files\Creative\Splash Screen\CTEaxSpl.exe" [2001-09-15 02:10]
"WinampAgent"="C:\Program Files\Winamp\winampa.exe" [2008-01-15 23:54]
"DrvIcon"="C:\Program Files\Vista Drive Icon\DrvIcon.exe" [2007-07-04 20:59]
"CTxfiHlp"="CTXFIHLP.EXE" [2006-08-11 13:56 C:\WINDOWS\system32\CTXFIHLP.EXE]
"ISUSPM Startup"="C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe" []
"ISUSScheduler"="C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" [2005-08-11 14:30]
"SunJavaUpdateSched"="C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe" [2008-06-10 03:27]
"NeroFilterCheck"="C:\WINDOWS\system32\NeroCheck.exe" [2001-07-09 09:50]
"AVP"="C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe" [2008-04-25 17:21]
"QuickTime Task"="C:\Program Files\QuickTime\qttask.exe" [2008-03-28 22:37]
"BluetoothAuthenticationAgent"="bthprops.cpl" [2008-04-14 21:51 C:\WINDOWS\system32\bthprops.cpl]
"StartCCC"="C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-01 15:23]
"MSConfig"="C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe" [2008-04-14 21:51]
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS\system32\ctfmon.exe" [2008-04-14 21:51]
"C:\Program Files\NetMeter\NetMeter.exe"="C:\Program Files\NetMeter\NetMeter.exe" [2007-08-11 15:50]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" [2008-03-20 17:46]
"DAEMON Tools Pro Agent"="C:\Program Files\DAEMON Tools Pro\DTProAgent.exe" [2007-09-06 14:08]
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"RunStartupScriptSync"=0 (0x0)
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\dimsntfy]
C:\WINDOWS\System32\dimsntfy.dll
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"appinit_dlls"=C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\kloehk.dll
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CTHelper]
CTHELPER.EXE
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Pro Agent]
"C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
"C:\Program Files\Messenger\msmsgs.exe" /background
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\WINDOWS\system32\NeroCheck.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSuiteTrayApplication]
C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication.exe -startup
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
"C:\Program Files\QuickTime\qttask.exe" -atboottime
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\UpdReg]
C:\WINDOWS\Updreg.exe
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\services]
"Ati HotKey Poller"=2 (0x2)
"Apple Mobile Device"=2 (0x2)
"helpsvc"=2 (0x2)
"PnkBstrA"=2 (0x2)
"aawservice"=2 (0x2)
"TapiSrv"=3 (0x3)
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\run-]
"AlcoholAutomount"="C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run-]
"Jet Detection"=C:\Program Files\Creative\SBAudigy\PROGRAM\ADGJDet.exe
R0 klbg;Kaspersky Lab Boot Guard Driver;C:\WINDOWS\system32\drivers\klbg.sys
R0 Pnp680r;Silicon Image SiI 0680 Medley Raid Controller;C:\WINDOWS\system32\DRIVERS\pnp680r.sys
R1 appdrv01;Application Driver (01);C:\WINDOWS\system32\Drivers\appdrv01.sys
R2 ABBYY.Licensing.FineReader.Professional.9.0;ABBYY FineReader 9.0 PE Licensing Service;"C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe" -service
R3 AtcL001;NDIS Miniport Driver for Attansic L1 Gigabit Ethernet Controller;C:\WINDOWS\system32\DRIVERS\atl01_xp.sys
R3 KLFLTDEV;Kaspersky Lab KLFltDev;C:\WINDOWS\system32\DRIVERS\klfltdev.sys
R3 klim5;Kaspersky Anti-Virus NDIS Filter;C:\WINDOWS\system32\DRIVERS\klim5.sys
S1 ATITool;ATITool Overclocking Utility;C:\WINDOWS\system32\DRIVERS\ATITool.sys
S2 appdrvrem01;Application Driver Auto Removal Service (01);C:\WINDOWS\System32\appdrvrem01.exe svc
S2 gupdate1c95213761d2e90;Google Update Service (gupdate1c95213761d2e90);"C:\Program Files\Google\Update\GoogleUpdate.exe" /svc
S3 Dot3svc;Automatyczna konfiguracja sieci przewodowej;C:\WINDOWS\System32\svchost.exe -k dot3svc
S3 EapHost;Usługa protokołu uwierzytelniania rozszerzonego (EAP);C:\WINDOWS\System32\svchost.exe -k eapsvcs
S3 hkmsvc;Usługa zarządzania kluczami i certyfikatami kondycji;C:\WINDOWS\System32\svchost.exe -k netsvcs
S3 LGDDCDevice;LGDDCDevice;\??\C:\Program Files\LG Soft India\forteManager\bin\I2CDriver.sys
S3 LGII2CDevice;LGII2CDevice;\??\C:\Program Files\LG Soft India\forteManager\bin\PII2CDriver.sys
S3 napagent;Agent ochrony dostępu do sieci;C:\WINDOWS\System32\svchost.exe -k netsvcs
S3 NPF;NetGroup Packet Filter Driver;C:\WINDOWS\system32\drivers\npf.sys
S3 npkycryp;npkycryp;\??\H:\GRY\kamael\system\npkycryp.sys
S3 RivaTuner32;RivaTuner32;\??\C:\Program Files\RivaTuner v2.08\RivaTuner32.sys
S3 tapvpn;TAP VPN Adapter;C:\WINDOWS\system32\DRIVERS\tapvpn.sys
S3 usbscan;Sterownik skanera USB;C:\WINDOWS\system32\DRIVERS\usbscan.sys
S3 USBSTOR;Sterownik magazynu masowego USB;C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
S3 XPAD;XBox Controllers USB HID Mini Driver;C:\WINDOWS\system32\Drivers\xpad.sys
S4 npkcmsvc;npkcmsvc;E:\gry\Mabingi\npkcmsvc.exe
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
eapsvcs eaphost
dot3svc dot3svc
HPZ12 Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt hpqcxs08 hpqddsvc
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
napagent
hkmsvc
[HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{15f40aee-2d61-11dd-9dc1-001bfcfd1aca}]
AutoRun\command- C:\WINDOWS\system32\RunDLL32.EXE Shell32.DLL,ShellExec_RunDLL wscript.exe
Contents of the 'Scheduled Tasks' folder
2008-12-01 10:35:52 C:\WINDOWS\Tasks\GoogleUpdateTaskMachine.job - C:\Program Files\Google\Update\GoogleUpdate.exe
**************************************************************************
catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-12-01 13:56:06
Windows 5.1.2600 Dodatek Service Pack 3 NTFS
scanning hidden processes ...
scanning hidden autostart entries ...
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
CTStartup = C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run??????????st????\?w? ?w???????w???w4???????.??w4???????4???TA?s4????????&8?T???\???????????\???\???????t???5?7~e?7~\???\?????????_?L????C@?\???\??????s????\??????s\????&8?A??s?&8??C@?x???`|?w\?????@
scanning hidden files ...
scan completed successfully
hidden files: 0
**************************************************************************
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"C:\\Program Files\\NetMeter\\NetMeter.exe"="C:\\Program Files\\NetMeter\\NetMeter.exe"
Completion time: 2008-12-01 13:56:40
C:\ComboFix-quarantined-files.txt ... 2008-12-01 13:56
C:\ComboFix2.txt ... 2008-07-02 06:52
--- E O F ---
HijackThis
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:01:05, on 2008-12-01
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NetMeter\NetMeter.exe
C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe
C:\Program Files\DAEMON Tools Pro\DTProAgent.exe
C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\PROGRA~1\COMMON~1\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Xfire\xfire.exe
C:\Program Files\Mozilla Firefox 3 Beta 3\firefox.exe
C:\WINDOWS\explorer.exe
D:\Programy\Antywirusy\SKAMOWANIE LOGI ZABEZPIECZENI\wwdc.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll
O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: Mega Manager IE Click Monitor - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - C:\Program Files\Megaupload\Mega Manager\MegaIEMn.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [Omnipage] C:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [CTxfiHlp] CTXFIHLP.EXE
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\isuspm.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [C:\Program Files\NetMeter\NetMeter.exe] C:\Program Files\NetMeter\NetMeter.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz za pomocą Mega Manager... - C:\Program Files\Megaupload\Mega Manager\mm_file.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra 'Tools' menuitem: Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.4.2\gears.dll
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxernsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\prxerdrv.dll
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://disteng.nefficient.com/disteng/neffy/NeffyLauncher.cab
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\mzvkbd.dll,C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\adialhk.dll,C:\PROGRA~1\KASPER~1\Kaspersky Internet Security 2009\kloehk.dll
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Application Driver Auto Removal Service (01) (appdrvrem01) - Protection Technology - C:\WINDOWS\System32\appdrvrem01.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Kaspersky Internet Security (avp) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate1c95213761d2e90) (gupdate1c95213761d2e90) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
--
End of file - 9676 bytes